Language
-
From a personal freedom POV, I agree. But, if it was easy it would be a support nightmare.
Google and Apple scan every app that gets loaded into their app stores for malware. There's also a lengthy review process, even just for updates. Some malware does still slip through, but it's a trickle compared to what gets blocked. If sideloading apps were easy, my younger sister would be in so much trouble. She'd have various accounts phished within a day. She'd install something that drains the battery within an hour and not understand what was going wrong. And, she's relatively tech savvy. I have no idea how the older generation would survive.
Of course, since Apple and Google make 30% of every sale on the app store, they're not purely motivated to just keep their users safe. The real problem is that there is a duopoly in smartphones. Apple and Google have essentially the same policies, and if you don't like them you have no other options. If there were a dozen OSes, there could be smart phones for Granny that had everything locked down, and smart phones for h4x04z that didn't. Companies that struck a good balance between protecting their users and allowing their users freedom would do well in the market. Companies that didn't would shrink and fail.
Sure, but there's a good argument that that should be an end-user issue, and not something that the OS/Phone manufacturer should be trying to mitigate. It's a risk you take when owning a device, that you can also break it, or get it infected.
Otherwise, why bother selling the phone in the first place, rather than contracting it out under a rental agreement?
-
Intriguing! I'm concerned about the "advanced power management algorithms" they're putting up front and center without clarifying. My current phone (OnePlus) is very aggressive about that and just kills my alarm clock in the middle of the night once in a while and breaks other apps, even with optimizations disabled and the phone plugged in. Furiphone isn't listed on DontKillMyApp and I didn't see anything with a quick search, have you heard anything about how it does on that?
Also that size, oof. Mine is already too big and this is noticeably bigger in all 3 dimensions.
I have a Ulefone, which is too small of a brand for there to be much specific guidance on how to counter some of the unwelcome power management stuff
-
Phones are terrible anti-user devices, so I can't do the things I'd like to do with it that I can't also accomplish on a website. Wasn't that kinda the problem that was initially stated in the OP?
Maybe I phrased it poorly. I meant, what things do you do on your phone that wouldn't be possible on a website if you were on another platform?
Actually, I've been actively trying to use Firefox Mobile for everything I reasonably can on my phone, and it's way more possible than you might think.
I actually think a browser model limits a lot of what you say here,
I think you misunderstand me here. I'm not asking for a browser model to increase the number of things that app developers can do, I want to increase the number of things that end-users can safely do, and running web apps in a browser are currently the easiest way to do that.
and browsers definitely have ecosystem lock-in problems: what Google says essentially goes these days. The browser isn't the great liberator of phones imo.
That's absolutely a huge problem, yes; but it's a different one. And in the faintest praise possible, Google does at least maintain fairly solid web standards.
I do however think it's a weird way to try to fix the phone ecosystem by replacing a restrictive sandbox with a restrictive sandbox that also ties you to a really terrible development ecosystem.
It would be a replacing a sandbox that's restrictive for the user and developer with one that's only restrictive for the developer. And I don't think it's a particularly terrible development ecosystem; in a lot of ways, the front-end dev ecosystem is the most mature ecosystem. We're absolutely spoiled for choice in IDEs, in linting tools, in packages...I mean, I used to work in email development years ago. THAT is a terrible development ecosystem, let me tell you.
I meant, what things do you do on your phone that wouldn’t be possible on a website if you were on another platform?
This is still begging the question: your question contains the assertion that the current smart phone model must continue. If you only think about the things you currently do with it, then of course you can do a lot of the same things with a browser model: they're both restrictive sandboxes in similar ways. Interestingly though, I can name a few things already that are currently easy on an Android phone but not in a browser, the most obvious being running any sort of network server. You can't take advantage of Linux's configfs and functionfs APIs on a device that is ironically the best device made to use them. I mean, browsers were never even designed to allow filesystem access so an API would need to be added for that even, something so trivial. There are an almost infinite number of things you can do with direct access to an OS compared to through browsers; browsers are required to treat every single thing they do on behalf of the server they're talking to as malicious. That's the whole threat model, and it's completely correct, but I don't want that threat model applied to my entire device.
I think we're just thinking of different things. You seem to be thinking about how to remake the current smart phone experience, and that's pretty easy to do with a browser model. I think the current smart phone experience is pretty bad and incredibly limiting, so I see a move to the browser model pretty much... no different. I wouldn't be particularly excited. I never understood the Boot2Gecko excitement anyway.
I'd like to see a smart phone that is just a small computer that happens to also have phone functionality. Where you actually have an entire Linux system available to you, and you're allowed unconfined root access. You simply can't get that if you're being sandboxed by anything. To be honest if Android just stopped all the insanity around full, meaningful root access and unmodifiable hardware roots of trust, I wouldn't need anything else. I like the availability of the tightly controlled application sandboxes. I love the use of SELinux throughout.
With respect to the development ecosystem.. we can agree to disagree I guess. I'd rather leave the industry than deal with modern web development, but that's just my personal opinion.
Google does at least maintain fairly solid web standards
I have to strongly disagree with this though. Google wants to bring it's attestation APIs to browsers. What a nightmare. They also try to move browser addon development in user hostile ways, like trying to kill ad blocking. I don't trust Google to have the user's best interest in mind for a single second.
Anyway, I asked where you're coming from so thanks for sharing.
-
I meant, what things do you do on your phone that wouldn’t be possible on a website if you were on another platform?
This is still begging the question: your question contains the assertion that the current smart phone model must continue. If you only think about the things you currently do with it, then of course you can do a lot of the same things with a browser model: they're both restrictive sandboxes in similar ways. Interestingly though, I can name a few things already that are currently easy on an Android phone but not in a browser, the most obvious being running any sort of network server. You can't take advantage of Linux's configfs and functionfs APIs on a device that is ironically the best device made to use them. I mean, browsers were never even designed to allow filesystem access so an API would need to be added for that even, something so trivial. There are an almost infinite number of things you can do with direct access to an OS compared to through browsers; browsers are required to treat every single thing they do on behalf of the server they're talking to as malicious. That's the whole threat model, and it's completely correct, but I don't want that threat model applied to my entire device.
I think we're just thinking of different things. You seem to be thinking about how to remake the current smart phone experience, and that's pretty easy to do with a browser model. I think the current smart phone experience is pretty bad and incredibly limiting, so I see a move to the browser model pretty much... no different. I wouldn't be particularly excited. I never understood the Boot2Gecko excitement anyway.
I'd like to see a smart phone that is just a small computer that happens to also have phone functionality. Where you actually have an entire Linux system available to you, and you're allowed unconfined root access. You simply can't get that if you're being sandboxed by anything. To be honest if Android just stopped all the insanity around full, meaningful root access and unmodifiable hardware roots of trust, I wouldn't need anything else. I like the availability of the tightly controlled application sandboxes. I love the use of SELinux throughout.
With respect to the development ecosystem.. we can agree to disagree I guess. I'd rather leave the industry than deal with modern web development, but that's just my personal opinion.
Google does at least maintain fairly solid web standards
I have to strongly disagree with this though. Google wants to bring it's attestation APIs to browsers. What a nightmare. They also try to move browser addon development in user hostile ways, like trying to kill ad blocking. I don't trust Google to have the user's best interest in mind for a single second.
Anyway, I asked where you're coming from so thanks for sharing.
I think I'd rather my phone be a little "dumber" than my laptop or desktop, though. Or I want it to be powerful enough to be the brains of both, but that would make it expensive enough that I would worry about losing it. Making it just a browser gives it enough utility to be broadly useful, but also enough friction that I won't get sucked into it.
Also, I think a low-cost, low-power, mass-market B2G-type phone (a la the Chromebook) is way more likely than a mass-market Linux phone. Maybe that's just me being cynical, though.
As for Google, yeah. I agree that they don't have the users' best interest in mind. But there's currently enough of a pull from mobile Safari that they're willing to play by the rules for now. My understanding is that the Web Attestation API was basically dead in the water—though maybe that's me being too optimistic, ha.
Anyway, I asked where you're coming from so thanks for sharing.
Same to you! Good conversation. I appreciate it.
-
Well there actually is a problem this can help solve. Malware. There are other concerns that are bigger motivators for Google, but the ability to lock shit down can help control security issues.
Most people can’t get the software they run on their devices. The idea of “you can trust me, bro” is fucking dumb, even in the open-source world. This helps nerf this for the stupid people who buy this shit. It’s a priority because there are more stupid people willing to buy a product and put up with its bullshit than there are smart people willing to put in the effort themselves.
But also money.
-
I can't even get people to switch to LibreOffice, not cuz they use some advanced MS Office feature but because the interface "looks dated". So they'd rather pay a subscription for life to use software that spies on them than download free software that does what they need but has a 2010s style interface.
Humans suck so much.
I get what you are saying but is it really too much to ask for an interface that looks like it belongs there?
-
meh both on mac and windows you’re not the true admin of the machine. mac requires disabling SIP and some others to even be able to delete default applications for example and don’t get me started on windows. linux ftw (as I type this from my old ass ios device)
you can get all the right you need with a little trickery. I mean, psexec is made and distributed by Microsoft, freely. a simple download. and I don't think it's bad that the average user can't run everything immediately as TrustedInstaller or SYSTEM.
-
From a personal freedom POV, I agree. But, if it was easy it would be a support nightmare.
Google and Apple scan every app that gets loaded into their app stores for malware. There's also a lengthy review process, even just for updates. Some malware does still slip through, but it's a trickle compared to what gets blocked. If sideloading apps were easy, my younger sister would be in so much trouble. She'd have various accounts phished within a day. She'd install something that drains the battery within an hour and not understand what was going wrong. And, she's relatively tech savvy. I have no idea how the older generation would survive.
Of course, since Apple and Google make 30% of every sale on the app store, they're not purely motivated to just keep their users safe. The real problem is that there is a duopoly in smartphones. Apple and Google have essentially the same policies, and if you don't like them you have no other options. If there were a dozen OSes, there could be smart phones for Granny that had everything locked down, and smart phones for h4x04z that didn't. Companies that struck a good balance between protecting their users and allowing their users freedom would do well in the market. Companies that didn't would shrink and fail.
my younger sister would be in so much trouble.
your younger syster should have parental controls on, and it's worrying that you suggest it is not the case. I don't know their age but most probably they shouldn't be able to install any apps from anywhere without parent approval.
She'd have various accounts phished within a day.
guessing fron what we already know, she probably shouldn't have half of those accounts.
-
Not corporate IT, but IT for home users, back in the days when things were much less locked down basically every computer i got access too was completely crawling with malware. Had tons of people lose all of their data including family photos and the like because they dowloaded something dodgy off limewire and their system just let them run it.
Why cant you guys understand that the vast vast majority of computer users are not technical? And as such need those safety rails in place to save them from their own ignorance?
wrote last edited by [email protected]they are crawling with malware today, from the factory, except it is harder to remove, especially on smartphones.
safety rails are not steal walls. instead of walls education is needed. education can happen not only in schools.
-
Sounds fairly sane to me.
This is fine, but the other 582 pages contain some real doozies.
-
Well there actually is a problem this can help solve. Malware. There are other concerns that are bigger motivators for Google, but the ability to lock shit down can help control security issues.
Most people can’t get the software they run on their devices. The idea of “you can trust me, bro” is fucking dumb, even in the open-source world. This helps nerf this for the stupid people who buy this shit. It’s a priority because there are more stupid people willing to buy a product and put up with its bullshit than there are smart people willing to put in the effort themselves.
But also money.
Well there actually is a problem this can help solve. Malware.
Most of the malware on Android is already on the Play Store. I mean that both in a snarky and sarcastic fashion, but also literally.
-
Even people who are not being supported by any IT department at all? For example, home users. If they break their device they will learn how to not break their next one and therefore become more technologically proficient.
oooh boy, do I have a bridge to sell to you
-
my younger sister would be in so much trouble.
your younger syster should have parental controls on, and it's worrying that you suggest it is not the case. I don't know their age but most probably they shouldn't be able to install any apps from anywhere without parent approval.
She'd have various accounts phished within a day.
guessing fron what we already know, she probably shouldn't have half of those accounts.
My younger sister is in her 40s. She's a pretty typical cell phone user.
-
So annoyed that just bought a Pixel 8a for Graphene. I thought I'd get to use it til 2030 when it stops getting security patches and now I might not even get a full year out of it.
GrapheneOS still intends to support all the supported devices until EOL. The sideloading change doesn't affect them. It won’t apply to GrapheneOS. It only applies to certified OSes and GrapheneOS is not certified because it doesn’t license Google Mobile Services. As per the rip out of the device trees for Pixels, that just makes Pixels like other phones. GrapheneOS has been able to expand it's automation to build that device support themselves. For new devices, making the support will take longer than it did in the past though, but they will still support those Pixels, as long as they meet the hardware requirements and still allow third-party OS support with all security features intact. Besides that GrapheneOS is actively talking with a major Android OEM right now in order to help them reach the security requirements for a subset of their future devices. They are very optimistic about that.
-
Well there actually is a problem this can help solve. Malware. There are other concerns that are bigger motivators for Google, but the ability to lock shit down can help control security issues.
Most people can’t get the software they run on their devices. The idea of “you can trust me, bro” is fucking dumb, even in the open-source world. This helps nerf this for the stupid people who buy this shit. It’s a priority because there are more stupid people willing to buy a product and put up with its bullshit than there are smart people willing to put in the effort themselves.
But also money.
It should be as easy to do as enabling developer options on your android. Tap a certain thing several times in a row and it unlocks it, permanently.
-
I finally want to switch to android and boom: Custom ROMs and "sideloading" gets swept off the platter. Well ok I guess I‘ll just wait for a good linux mobile OS
Heh, good luck trying to sideload anything on Linux...
-
Not corporate IT, but IT for home users, back in the days when things were much less locked down basically every computer i got access too was completely crawling with malware. Had tons of people lose all of their data including family photos and the like because they dowloaded something dodgy off limewire and their system just let them run it.
Why cant you guys understand that the vast vast majority of computer users are not technical? And as such need those safety rails in place to save them from their own ignorance?
Most Android phone owners don't even know they are Android phone owners.
-
I'm probably going to spam this around a bit, since most people don't seem to know about it, but a reminder that FuriLabs has a (GNU+)Linux phone with decent spec.s and the ability to run Android app.s (from what I've heard) pretty decently: https://furilabs.com/
Biggest drawback is it's based on Halium. Usual growing pains of a new product/company apply but apparently the company is pretty responsive and their dev.s have worked with customers to get things like calling working with the carrier and bands of their country where it hasn't worked before so improvements move pretty quickly.
Collection of different experiences I've variously seen online over the last year or so:
- https://clehaxze.tw/gemlog/2025/07-20-flx1-actually-usable-linux-phone.gmi
- https://news.ycombinator.com/item?id=41839326
- https://www.reddit.com/r/linux/comments/1fa1ljn/furilabs_flx1/
- https://www.reddit.com/r/linux/comments/1j46f2w/flx1_linux_phone_display_out/
- https://www.theregister.com/2025/02/03/furiphone_flx1/
I don't own one, myself, so I can't give any personal experience but I've seen it around for a few years now but most people don't seem to even know about it. Maybe there's a reason for that? But none I've ever seen anyone say.
You can't sideload in Linux. Not unless you have a PHD in computer engineering.
-
The key thing to understand is that there's a big fucking difference between a "repository" and an "app store." One is designed for the convenience of users; the other is designed to exploit them.
There is no functional difference.
-
That's a moron take. Plenty of people have no business downloading random apps. It takes all of 15 seconds with a Google search to side load. It's a fucking idiot test.
But yeah I'm sure if this check weren't there people would flock to fdroid
wrote last edited by [email protected]But they would use the Play store wouldn't they. They're not going to use the "dark web" (aka beyond the first 5 entries on a Google search).
